﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using agent02.Model;

namespace agent02.Areas.Admin.Models
{
    public class AdminAuthorization : AuthorizeAttribute
    {
        AgentDBEntities db = new AgentDBEntities();
        public bool IsAuthorized(string userName)
        {
            bool isAuthorized = false;

            // only employees are authorized
            var authUsers = from u in db.NHAN_VIEN
                            select u.TAI_KHOAN.Username;

            if (authUsers.Contains(userName))
            {
                isAuthorized = true;
            }

            return isAuthorized;
        }
    }
}